Error Invariants for Concurrent Traces

  • Andreas Holzer
  • Daniel Schwartz-Narbonne
  • Mitra Tabaei Befrouei
  • Georg Weissenbacher
  • Thomas Wies
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9995)

Abstract

Error invariants are assertions that over-approximate the reachable program states at a given position in an error trace while only capturing states that will still lead to failure if execution of the trace is continued from that position. Such assertions reflect the effect of statements that are involved in the root cause of an error and its propagation, enabling slicing of statements that do not contribute to the error. Previous work on error invariants focused on sequential programs. We generalize error invariants to concurrent traces by augmenting them with additional information about hazards such as write-after-write events, which are often involved in race conditions and atomicity violations. By providing the option to include varying levels of details in error invariants—such as hazards and branching information—our approach allows the programmer to systematically analyze individual aspects of an error trace. We have implemented a hazard-sensitive slicing tool for concurrent traces based on error invariants and evaluated it on benchmarks covering a broad range of real-world concurrency bugs. Hazard-sensitive slicing significantly reduced the length of the considered traces and still maintained the root causes of the concurrency bugs.

References

  1. 1.
    Černý, P., Henzinger, T.A., Radhakrishna, A., Ryzhyk, L., Tarrach, T.: Efficient synthesis for concurrency by semantics-preserving transformations. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 951–967. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-39799-8_68 CrossRefGoogle Scholar
  2. 2.
    Christ, J., Ermis, E., Schäf, M., Wies, T.: Flow-sensitive fault localization. In: Giacobazzi, R., Berdine, J., Mastroeni, I. (eds.) VMCAI 2013. LNCS, vol. 7737, pp. 189–208. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-35873-9_13 CrossRefGoogle Scholar
  3. 3.
    Cytron, R., Ferrante, J., Rosen, B.K., Wegman, M.N., Kenneth-Zadeck, F.: Efficiently computing static single assignment form, the control dependence graph. ACM Trans. Program. Lang. Syst. (TOPLAS) 13(4), 451–490 (1991)CrossRefGoogle Scholar
  4. 4.
    D’Silva, V., Kroening, D., Purandare, M., Weissenbacher, G.: Interpolant strength. In: Barthe, G., Hermenegildo, M. (eds.) VMCAI 2010. LNCS, vol. 5944, pp. 129–145. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-11319-2_12 CrossRefGoogle Scholar
  5. 5.
    Engler, D.R., Ashcraft, K., RacerX: effective, static detection of race conditions and deadlocks. In: SOSP, pp. 237–252. ACM (2003)Google Scholar
  6. 6.
    Ermis, E., Schäf, M., Wies, T.: Error invariants. In: Giannakopoulou, D., Méry, D. (eds.) FM 2012. LNCS, vol. 7436, pp. 187–201. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-32759-9_17 CrossRefGoogle Scholar
  7. 7.
    Farzan, A., Holzer, A., Razavi, N., Veith, H.: Con2colic testing. In: Foundations of Software Engineering (FSE), pp. 37–47. ACM (2013)Google Scholar
  8. 8.
    Flanagan, C., Freund, S.N.: FastTrack: efficient and precise dynamic race detection. Commun. ACM 53(11), 93–101 (2010)CrossRefGoogle Scholar
  9. 9.
    Flanagan, C., Qadeer, S.: A type and effect system for atomicity. In: Programming Language Design and Implementation (PLDI), pp. 338–349. ACM (2003)Google Scholar
  10. 10.
    Gupta, A., Henzinger, T.A., Radhakrishna, A., Samanta, R., Tarrach, T.: Succinct representation of concurrent trace sets. In: POPL, pp. 433–444. ACM (2015)Google Scholar
  11. 11.
    Holzer, A., Schwartz-Narbonne, D., Tabaei Befrouei, M., Weissenbacher, G., Wies, T.: Error invariants for concurrent traces. ArXiv e-prints, abs/1608.08584, August 2016Google Scholar
  12. 12.
    Huang, J., Zhang, C.: An efficient static trace simplification technique for debugging concurrent programs. In: Yahav, E. (ed.) SAS 2011. LNCS, vol. 6887, pp. 163–179. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-23702-7_15 CrossRefGoogle Scholar
  13. 13.
    Jalbert, N., Sen, K.: A trace simplification technique for effective debugging of concurrent programs. In: Foundations of Software Engineering (FSE), pp. 57–66. ACM (2010)Google Scholar
  14. 14.
    Jin, G., Song, L., Zhang, W., Lu, S., Liblit, B.: Automated atomicity-violation fixing. In: Programming Language Design and Implementation (PLDI), pp. 389–400. ACM (2011)Google Scholar
  15. 15.
    Jose, M., Majumdar, R.: Cause clue clauses: error localization using maximum satisfiability. In: Programming Language Design and Implementation (PLDI) (2011)Google Scholar
  16. 16.
    Kashyap, S., Garg, V.K.: Producing short counterexamples using “Crucial Events”. In: Gupta, A., Malik, S. (eds.) CAV 2008. LNCS, vol. 5123, pp. 491–503. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-70545-1_47 CrossRefGoogle Scholar
  17. 17.
    Khoshnood, S., Kusano, M., Wang, C., ConcBugAssist: constraint solving for diagnosis and repair of concurrency bugs. In: ISSTA, pp. 165–176. ACM (2015)Google Scholar
  18. 18.
    Shan, L., Park, S., Seo, E., Zhou, Y.: Learning from mistakes: a comprehensive study on real world concurrency bug characteristics. ACM SIGPLAN Not. 43, 329–339 (2008)Google Scholar
  19. 19.
    McMillan, K.L.: An interpolating theorem prover. Theoret. Comput. Sci. 345(1), 101–121 (2005)MathSciNetCrossRefMATHGoogle Scholar
  20. 20.
    McMillan, K.L.: Lazy abstraction with interpolants. In: Ball, T., Jones, R.B. (eds.) CAV 2006. LNCS, vol. 4144, pp. 123–136. Springer, Heidelberg (2006). doi: 10.1007/11817963_14 CrossRefGoogle Scholar
  21. 21.
    Muchnick, S.S.: Advanced Compiler Design Implementation. Morgan Kaufmann, San Francisco (1997)Google Scholar
  22. 22.
    Murali, V., Sinha, N., Torlak, E., Chandra, S.: A hybrid algorithm for error trace explanation. In: VSTTE (2014)Google Scholar
  23. 23.
    Park, S., Vuduc, R., Harrold, M.J.: A unified approach for localizing non-deadlock concurrency bugs. In: Software Testing, Verification and Validation (ICST), pp. 51–60. IEEE (2012)Google Scholar
  24. 24.
    Park, S., Vuduc, R.W., Harrold, M.J.: Falcon: fault localization in concurrent programs. In: International Conference on Software Engineering (ICSE), pp. 245–254. ACM (2010)Google Scholar
  25. 25.
    Savage, S., Burrows, M., Nelson, G., Sobalvarro, P., Anderson, T.E.: Eraser: a dynamic data race detector for multithreaded programs. ACM Trans. Comput. Syst. 15(4), 391–411 (1997)CrossRefGoogle Scholar
  26. 26.
    Sinha, N., Wang, C.: On interference abstractions. In: Principles of Programming Languages (POPL), pp. 423–434. ACM (2011)Google Scholar
  27. 27.
    Tabaei Befrouei, M., Wang, C., Weissenbacher, G.: Abstraction and mining of traces to explain concurrency bugs. In: Bonakdarpour, B., Smolka, S.A. (eds.) RV 2014. LNCS, vol. 8734, pp. 162–177. Springer, Heidelberg (2014). doi: 10.1007/978-3-319-11164-3_14 Google Scholar
  28. 28.
    Tip, F.: A survey of program slicing techniques. J. Program. Lang. 3, 121–189 (1995)Google Scholar
  29. 29.
    Wang, C., Kundu, S., Limaye, R., Ganai, M., Gupta, A.: Symbolic predictive analysis for concurrent programs. Formal Aspects Comput. 23(6), 781–805 (2011)MathSciNetCrossRefMATHGoogle Scholar
  30. 30.
    Xu, M., Bodík, R., Hill, M.D.: A serializability violation detector for shared-memory server programs. In: Programming Language Design and Implementation (PLDI), pp. 1–14. ACM (2005)Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Andreas Holzer
    • 1
  • Daniel Schwartz-Narbonne
    • 2
  • Mitra Tabaei Befrouei
    • 3
  • Georg Weissenbacher
    • 3
  • Thomas Wies
    • 4
  1. 1.University of TorontoTorontoCanada
  2. 2.AmazonSeattleUSA
  3. 3.TU WienViennaAustria
  4. 4.New York UniversityNew YorkUSA

Personalised recommendations